My answer below still explains your situation. There is not way to 'restrict' requires. Each module has access to the SAME requires for a given location. If no modules are authoritative, you probably will get INTERNAL_SERVER_ERRORS for all unauthorized requests, right?
sterling On Wednesday, October 16, 2002, at 02:47 AM, Xavier MACHENAUD wrote: > Ooops! > I wanted to say I was NOT using authoritative mode! > > In this case, I want to be able to restrict a require to only one auth > module. > > Xavier > > john wrote: >> >>> -- Original Message -- >>> Reply-To: [EMAIL PROTECTED] >>> Date: Tue, 15 Oct 2002 18:27:18 +0200 >>> From: Xavier MACHENAUD <[EMAIL PROTECTED]> >>> To: [EMAIL PROTECTED] >>> Subject: ability to restrict scope of require directive to a single >>> module >> Hi, >>> >>> I'm facing the following problem : >>> I'm using 2 auth modules in authoritative mode (if one fail, try the >>> other >>> one). >> >> This is your problem here. if both are in authoritative mode, it >> means >> (in your words) : if one fail, DONT try the other one. You need to >> load >> them both, and make the second one authoritative. The problem here >> is twofold: >> 1) there is no way to order auth modules so if you're authoritative >> module >> happens to run first, the other modules will NEVER get a chance to try >> 2) if there is no 'authoritative' module and auth fails (i.e. all >> modules >> return declined) apache core returns INTERNAL SERVER ERROR..... >> instead >> of UNAUTHORIZED. >> >> Until either one of the previous things change, the only workaround >> is to >> make the last auth module called the authoritative one.... that way >> both >> their authorize methods will get invoked. >> >> sterling >
